JaffaCakes118_583263a359b914b176d69a88b3646dbf

General

Target

JaffaCakes118_583263a359b914b176d69a88b3646dbf
Size

160KB
MD5

583263a359b914b176d69a88b3646dbf
SHA1

d89e452870806ce5b381c0383bcc21fdca21f2b3
SHA256

615c81c523e0d149c6028933b738ce73cac4635c89c628abf5bb3dd9ea7b0acd
SHA512

d89e6dad243b0d6be37f98405070ac67283ce517a6f9d9e47697fbbf8a63cd24d38671baa26ce8b9f91419775f1697f64e9648b522da4571f3af3c0720fbc354
SSDEEP

3072:XZos/wh/aG0cV/2EfaSV6UjZkbPhcslzQKzH7lre:ms/wh/ayVBJVGF5QKv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_583263a359b914b176d69a88b3646dbf

Files

JaffaCakes118_583263a359b914b176d69a88b3646dbf
.exe windows:4 windows x86 arch:x86

3299a1ea868ec5595eedd2fc62592d1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathCombineW
UrlCombineW
UrlGetPartW
UrlCanonicalizeW
UrlApplySchemeW
PathAppendW

wtsapi32

WTSUnRegisterSessionNotification
WTSQuerySessionInformationW
WTSFreeMemory
WTSEnumerateSessionsW
WTSRegisterSessionNotification

msimg32

TransparentBlt

oleacc

LresultFromObject
AccessibleObjectFromEvent

kernel32

HeapAlloc
GetLocaleInfoA
GetACP
IsDebuggerPresent
HeapFree
QueryPerformanceCounter
lstrlenW
CreateFileW
RaiseException
LocalAlloc
GetSystemTimeAsFileTime
WideCharToMultiByte
CloseHandle
CreateProcessA
GetTickCount
LoadLibraryExW
InterlockedExchange
lstrlenA
HeapSize
GetSystemTime
LoadLibraryW
EnumResourceTypesW
MultiByteToWideChar
SystemTimeToFileTime
GetEnvironmentVariableA
UnhandledExceptionFilter
GetCurrentProcess
GetModuleHandleA
ResetWriteWatch
Sleep
HeapReAlloc
GetCurrentProcessId
HeapFree
GetThreadLocale
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
GetStartupInfoA
WriteFile
HeapDestroy
GetProcessHeap
InterlockedCompareExchange
GetStdHandle
lstrcpynW

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 409KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3299a1ea868ec5595eedd2fc62592d1e

Headers

File Characteristics

Imports

shlwapi

wtsapi32

msimg32

oleacc

kernel32

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 2KB - Virtual size: 409KB

.data Size: 117KB - Virtual size: 116KB

.rsrc Size: 512B - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 2KB - Virtual size: 409KB

.data
Size: 117KB - Virtual size: 116KB

.rsrc
Size: 512B - Virtual size: 4KB